| With the rapid development of information technology, database security has become a serious issue. Access Control is a primary solution to database security.In this paper, based on database security and operation system security theory, a security database protection system (SDPS) was designed and implemented, which combined Role Based Access Control, File Access Control and network package inspection technology. SDPS was composed of four sub modules, which were Database Network Port Listening and Controlling (DNPLC), Permission Management based on Role (PMBR), Authenticated Database Access Control (ADAC), and Access Agent based on Role (AABR). For DNPLC, Linux Netfilter was utilized to capture, analyze and filter packages, which enhanced the performance of database security in network. For PMBR and ADAC, the CA certificate mechanism was used to improve the security of the whole system. For AABR, LSM was applied to implement the access control of user and role permission by capturing and analyzing information from Linux Core, which increased the performance of authenticated database security. After user testing, it is indicated that SDPS presented in this paper do well at protecting database information and role permission information. |
PDF Full Text Request